EUVD-2016-9954

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-9137

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in the CURLFile implementation in ext/curl/curlfile.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a...

SUSE CVE-2016-9137

Use-after-free vulnerability in the CURLFile implementation in ext/curl/curlfile.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during wakeup processing...

Amazon Linux AMI : php56 (ALAS-2017-787)

A vulnerability was found in gd. Integer underflow in a calculation in dynamicGetbuf was incorrectly handled, leading in some circumstances to an out of bounds write through a very large argument to memcpy. An attacker could create a crafted image that would lead to a crash or, potentially, code...

Medium: php70

Issue Overview: The SplObjectStorage unserialize implementation in ext/spl/splobserver.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service uninitialized memory access via crafted serialized data...

CVE-2016-9137

Use-after-free vulnerability in the CURLFile implementation in ext/curl/curlfile.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during wakeup processing...

Design/Logic Flaw

Use-after-free vulnerability in the CURLFile implementation in ext/curl/curlfile.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during wakeup processing...

CVE-2016-9137

Use-after-free vulnerability in the CURLFile implementation in ext/curl/curlfile.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during wakeup processing...

CVE-2016-9137

CVE-2016-9137 is a Use-After-Free vulnerability in PHP’s CURLFile implementation (ext/curl/curl_file.c). The issue affects PHP before 5.6.27 and 7.x before 7.0.12, where crafted serialized data mishandled during __wakeup can lead to denial of service or possibly other impact. Connected sources co...

CVE-2016-9137

Removed by vendor...

CVE-2016-9137

Use-after-free vulnerability in the CURLFile implementation in ext/curl/curlfile.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during wakeup processing...

PHP 5.6.26 and 7.0.11 Use After Free in unserialize() Vulnerability

Exploit for php platform in category remote exploits PoC: References: https://bugs.php.net/bug.php?id=73147 0day.today 2018-04-08...